RSA CONFERENCE 2017 FEATURE REVIEW
THE BIGGEST ‘MUST GO’ CYBERSECURITY SHOW ON EARTH - PART 2 Editor’s RSA Conference 2017 Review
// ARTIFICIAL INTELLIGENCE PROTECTING THE ACTIVE DIRECTORY Interview with Javelin founders Guy Franco and Roi Abutbul, CEO At RSAC 2017 Javelin announced the release of AD Protect™, an AI-based platform designed to stop the use of stolen and misused directory credentials to move laterally into an organisation. Thwarting attackers at the point of compromise, it contains the breach to just one machine. The AI autonomously projects to the attacker a false set of organisational resources, including the Active Directory, that look and act real, yet get the attacker nowhere. The result is Javelin’s automated incident response (IR) and breach containment that improves attack
30 | Australian Security Magazine
compromise detection and directory credential theft or misuse, while assisting efforts to investigate and contain any further attack. The story behind Javelin arcs back to three young men meeting in the Israeli Airforce and Intelligence Corps. Guy and Roi, along with co-founder Almog Ohayon, started out in 2014 and after $2 million in seed funding, in early February 2017, they announced a $5 million Series-A Financing Round to fuel further development and growth. Based in Tel Aviv, the company is now also situated in Palo Alto, CA and Austin, TX. As Guy explained, “the industry is focused on protecting networks, computers, devices and applications, but at the end of the day the key element being targeted is the Active Directory (AD) – it is used 9 in every 10 companies around the world and remains mostly unprotected. All the campaigns APT attacks are based on is achieving AD manipulation – the attacker’s aim is to be stealthy, leave no evidence and achieve a high gain and mostly, a financial gain.” After almost two and half years working just on the technology with a dedicated ADP
(Automatic Data Processing) design team, the company launched in the second half of 2016 and hired former Cylance Executive, Greg Fitzgerald to drive the message that all the attacks and all the threats are focused on the AD – the heart of the organisation. Javelin reports seeing immediate traction with customers, with one customer, despite having a $50 million security budget, discovering they still had limited protection of the AD. Javelin can support 20,000 devices and then scale out to 500,000 end points. The learning phase is rapid, within minutes, acquiring 200 devices at a time – so a large enterprise network can be acquired within an hour or two. Roi stated, “the greatest thing we have accomplished is we have created an autonomous IR mechanism and the only one specifically designed to work in a domain environment. That domain environment has its own rules and we have built that from scratch – once we find an infection on one computer and deployed inside a domain, the AI establishes the elements of the infection and will automatically look across the network for those elements,
Published on Apr 7, 2017
The Australian Security Magazine is the country’s leading government and corporate security magazine. It is published bi-monthly and is dist...